2 matches found
Cart32 3.0 "expdate" Administrative Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1358/info By appending the string /expdate to a request for the cart32.exe executable, http: //target/cgi-bin/cart32.exe/expdate an attacker can access an error message followed by a debugging page containing the server...
CVE-2000-0429
CVE-2000-0429 concerns Cart32 3.0 and earlier. The vulnerability is a backdoor password in cart32.exe (password: ‘wemilo’) that allows a remote attacker to execute arbitrary commands in the web server context and potentially access credit card information. An additional path concern is that the a...